Assuming an already configured machine named tristan, let's
look at the IP addressing and routing
table. Next we'll examine how the machine
communicates with computers (hosts) on the locally reachable network. We'll
then send packets through our
default gateway to other networks. After learning what a default
route is, we'll look at a static
route.
One of the first things to learn about a machine attached to an IP
network is its IP address. We'll begin by looking at
a machine named tristan on the main desktop network (192.168.99.0/24).
The machine tristan
is alive on IP 192.168.99.35 and
has been properly configured by the system administrator.
By examining the
route
and ifconfig
output we can learn a good deal about the network to which
tristan is connected
[1].
Example 1.1. Sample ifconfig output
[root@tristan]#ifconfigeth0 Link encap:Ethernet HWaddr 00:80:C8:F8:4A:51 inet addr:192.168.99.35 Bcast:192.168.99.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:27849718 errors:1 dropped:0 overruns:0 frame:0 TX packets:29968044 errors:5 dropped:0 overruns:2 carrier:3 collisions:0 txqueuelen:100 RX bytes:943447653 (899.7 Mb) TX bytes:2599122310 (2478.7 Mb) Interrupt:9 Base address:0x1000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:7028982 errors:0 dropped:0 overruns:0 frame:0 TX packets:7028982 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1206918001 (1151.0 Mb) TX bytes:1206918001 (1151.0 Mb)[root@tristan]#route -nKernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.99.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.99.254 0.0.0.0 UG 0 0 0 eth0
For the moment, ignore the loopback interface (lo) and concentrate on the Ethernet interface. Examine the output of the ifconfig command. We can learn a great deal about the IP network to which we are connected simply by reading the ifconfig output. For a thorough discussion of ifconfig, see Section 1, “ifconfig”.
The IP address active on tristan is 192.168.99.35. This means that
any IP packets created by tristan will have a
source address of 192.168.99.35. Similarly any packet received by
tristan will have the destination address of 192.168.99.35.
When creating an outbound packet tristan will set the destination
address to the server's IP. This gives the remote host and the
networking devices in between these hosts enough information to
carry packets between the two devices.
Because tristan will
advertise that it accepts packets with a destination address of
192.168.99.35, any frames (packets) appearing on the Ethernet
bound for 192.168.99.35 will reach tristan. The process of
communicating the ownership of an IP address is called ARP. Read
Section 1.1, “Overview of Address Resolution Protocol” for a complete discussion of
this process.
This is fundamental to IP networking. It is fundamental that a host be able to generate and receive packets on an IP address assigned to it. This IP address is a unique identifier for the machine on the network to which it is connected.
Common traffic to and from machines today is unicast IP traffic.
Unicast traffic is essentially a conversation between two hosts.
Though there may be routers between them, the two hosts are carrying
on a private conversation. Examples of common unicast traffic
are protocols such as HTTP (web), SMTP (sending mail), POP3 (fetching
mail), IRC (chat), SSH (secure shell), and LDAP (directory access).
To participate in any of these kinds of traffic,
tristan will send and receive packets on 192.168.99.35.
In contrast to unicast traffic, there is another common IP networking technique called broadcasting. Broadcast traffic is a way of addressing all hosts in a given network range with a single destination IP address. To continue the analogy of the unicast conversation, a broadcast is more like shouting in a room. Occasionally, network administrators will refer to broadcast techniques and broadcasting as "chatty network traffic".
Broadcast techniques are used at the Ethernet layer and the IP layer, so the cautious person talks about Ethernet broadcasts or IP broadcast. Refer to Section 1.1, “Overview of Address Resolution Protocol”, for more information on a common use of broadcast Ethernet frames.
IP Broadcast techniques can be used to share information with all partners on a network or to discover characteristics of other members of a network. SMB (Server Message Block) as implemented by Microsoft products and the samba package makes extensive use of broadcasting techniques for discovery and information sharing. Dynamic Host Configuration Protocol (DHCP) also makes use of broadcasting techniques to manage IP addressing.
The IP broadcast address is, usually, correctly derived from the IP address and network mask although it can be easily be set explicitly to a different address. Because the broadcast address is used for autodiscovery (e.g, SMB under some protocols, an incorrect broadcast address can inhibit a machine's ability to participate in networked communication [2].
The netmask on the interface should match the netmask in the routing table for the locally connected network. Typically, the route and the IP interface definition are calculated from the same configuration data so they should match perfectly.
If you are at all confused about how to address a network or how to read either the traditional notation or the CIDR notation for network addressing, see one of the CIDR/netmask references in Section 1.3, “General IP Networking Resources”.
We can see from the output above that the IP address 192.168.99.35
falls inside the address space 192.168.99.0/24. We also note that
the machine tristan
will route packets bound for 192.168.99.0/24 directly onto the
Ethernet attached to eth0. This line in the routing table
identifies a network available on the Ethernet attached to eth0
("Iface") by its network address ("Destination") and size ("Genmask").
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.99.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
Every host on the 192.168.99.0/24 network should share the network address and netmask specified above. No two hosts should share the same IP address.
Currently, there are two hosts connected to the example desktop network.
Both tristan and masq-gw are connected to 192.168.99.0/24. Thus,
192.168.99.254 (masq-gw) should be reachable from tristan.
Success of this test provides evidence that tristan is
configured properly. N.B., Assume that the network
administrator has properly configured masq-gw. Since the
default gateway in any
network is an important host, testing reachability of the default
gateway also has a value in determining the proper operation of the
local network.
The ping tool, designed to take advantage of Internet Control Message Protocol (ICMP), can be used to test reachability of IP addresses. For a command summary and examples of the use of ping, see Section 1, “ping”.
Example 1.2. Testing reachability of a locally connected host with ping
[root@tristan]#ping -c 1 -n 192.168.99.254PING 192.168.99.254 (192.168.99.254) from 192.168.99.35 : 56(84) bytes of data. --- 192.168.99.254 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss PING 192.168.99.254 (192.168.99.254) from 192.168.99.35 : 56(84) bytes of data. 64 bytes from 192.168.99.254: icmp_seq=0 ttl=255 time=238 usec --- 192.168.99.254 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/mdev = 0.238/0.238/0.238/0.000 ms
In Section 2.1, “Sending Packets to the Local Network”, we verified that hosts connected to the same local network can reach each other and, importantly, the default gateway. Now, let's see what happens to packets which have a destination address outside the locally connected network.
Assuming that the network administrator allows ping packets
from the desktop network into the public network,
ping can be invoked with the
record route option to show the path the packet travels from
tristan to wan-gw and back.
Example 1.3. Testing reachability of non-local hosts
[root@tristan]#ping -R -c 1 -n 205.254.211.254PING 205.254.211.254 (205.254.211.254) from 192.168.99.35 : 56(84) bytes of data. --- 205.254.211.254 ping statistics --- 1 packets transmitted, 0 packets received, 100% packet loss PING 205.254.211.254 (205.254.211.254) from 192.168.99.35 : 56(84) bytes of data. 64 bytes from 205.254.211.254: icmp_seq=0 ttl=255 time=238 usec RR: 192.168.99.35205.254.211.179
205.254.211.254
205.254.211.254 192.168.99.254
192.168.99.35
--- 192.168.99.254 ping statistics --- 1 packets transmitted, 1 packets received, 0% packet loss round-trip min/avg/max/mdev = 0.238/0.238/0.238/0.000 ms
As the packet passes through the IP stack on tristan,
before hitting the Ethernet, tristan adds its IP to the
list of IPs in the option field in the header.
| |
This is masq-gw's public IP address.
| |
| Our intended destination! (Anybody know why there are two entries in the record route output?) | |
This is masq-gw's private IP address.
| |
And finally, tristan will add its IP to the option field
in the header of the IP packet just before the packet
reaches the calling ping program.
|
By testing reachability of the local network 192.168.99.0/24 and an IP address outside our local network, we have verified the basic elements of IP connectivity.
To summarize this section, we have:
identified the IP address, network address and netmask in use on
tristanusing the tools ifconfig and routeverified that
tristancan reach its default gatewaytested that packets bound for destinations outside our local network reach the intended destination and return
Static routes instruct the kernel to route packets
for a known destination host or network to a router or
gateway different from the default gateway.
In the example network, the desktop machine tristan would need
a static route to reach hosts in the 192.168.98.0/24 network.
Note that the branch office network is reachable over an ISDN line.
The ISDN router's IP in tristan's network is 192.168.99.1. This
means that there are two gateways in the example desktop network,
one connected to a small branch office network, and the other
connected to the Internet.
Without a static route to the branch office network, tristan would
use masq-gw as the gateway, which is not the most efficient path for
packets bound for morgan. Let's examine why a static route would
be better here.
If tristan generates a packet bound for morgan and
sends the packet to the default gateway, masq-gw will forward the
packet to isdn-router as well as generate an ICMP redirect message
to tristan. This ICMP redirect message tells tristan to send
future packets with a destination address of 192.168.98.82 (morgan)
directly to isdn-router. For a fuller discussion of ICMP redirect,
see
Section 10.2, “ICMP Redirects and Routing”.
The absence of a static route has caused two extra packets to be
generated on the Ethernet for no benefit. Not only that, but
tristan will eventually expire the temporary route entry
[3]
for 192.168.98.82, which means that subsequent packets bound for
morgan will repeat this process
[4].
To solve this problem, add a static route to tristan's routing
table. Below is a modified routing table (see
Section 3, “Changing IP Addresses and Routes” to learn how to change the routing
table).
Example 1.4. Sample routing table with a static route
[root@tristan]#route -nKernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.99.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 192.168.98.0 192.168.99.1 255.255.255.0 UG 0 0 0 eth0 127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo 0.0.0.0 192.168.99.254 0.0.0.0 UG 0 0 0 eth0
According to this routing table, any packets with a destination address in the 192.168.98.0/24 network will be routed to the gateway 192.168.99.1 instead of the default gateway. This will prevent unnecessary ICMP redirect messages.
These are the basic tools for inspecting the IP address and the routes on a linux machine. Understanding the output of these tools will help you understand how machines fit into simple networks, and will be a base on which you can build an understanding of more complex networks.
[1] For BSD and UNIX users, the idiom netstat -rn may be more familiar than the common route -n on a linux machine. Both of these commands provide the same basic information although the formatting is a bit different. For a fuller discussion of these, see either Section 4, “netstat” or Section 1, “route”. For access to all of the routing features of the linux kernel, use ip route instead.
[2] An incorrect broadcast address often highlights a mismatch of the configured IP address and netmask on an interface. If in doubt, be sure to use an IP calculator to set the correct netmask and broadcast addresses.
[3] If the machine is a linux machine, then the temporary route entry is stored in the routing cache. Consult Section 7, “Routing Cache” for more information on the routing cache.
[4] It is quite reasonable to ignore ICMP redirect messages from unknown hosts on the Internet, but ICMP redirect messages on a LAN indicate that a host has mismatched netmasks or missing static routes.